projects / civicrm-core.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #19324 from demeritcowboy/no-port
[civicrm-core.git] / release-notes / 5.19.2.md
diff --git a/release-notes/5.19.2.md b/release-notes/5.19.2.md
index 48b78e830ec76f8680b882c5d6c6992906423fe8..24e9f4de926e2a1f9b89f6b85d79c2ba0af0b182 100644 (file)
--- a/release-notes/5.19.2.md
+++ b/release-notes/5.19.2.md
@@ -3,23 +3,45 @@
 Released November 20, 2019
 
 - **[Security advisories](#security)**
+- **[Bugs resolved](#bugs)**
 - **[Credits](#credits)**
 
+## <a name="synopsis"></a>Synopsis
+
+| *Does this version...?*                                         |         |
+|:--------------------------------------------------------------- |:-------:|
+| **Fix security vulnerabilities?**                               | **yes** |
+| Change the database schema?                                     |   no    |
+| Alter the API?                                                  | **yes** |
+| Require attention to configuration options?                     |   no    |
+| Fix problems installing or upgrading to a previous version?     |   no    |
+| Introduce features?                                             |   no    |
+| **Fix bugs?**                                                   | **yes** |
+
 ## <a name="security"></a>Security advisories
 
-- **[CIVI-SA-2019-19](https://civicrm.org/advisory/civi-sa-2019-19-sqli-in-dedupefind)**: SQLI in dedupefind
-- **[CIVI-SA-2019-20](https://civicrm.org/advisory/civi-sa-2019-20-privilege-escalation-via-leaked-key)**: Privilege Escalation via Leaked Key
-- **[CIVI-SA-2019-21](https://civicrm.org/advisory/civi-sa-2019-21-poi-saved-search-and-report-instance-apis)**: POI via Saved Search and Report Instance APIs
-- **[CIVI-SA-2019-22](https://civicrm.org/advisory/civi-sa-2019-22-xss-in-dashboard-titles)**: XSS in Dashboard Titles
-- **[CIVI-SA-2019-23](https://civicrm.org/advisory/civi-sa-2019-23-incorrect-storage-encoding-for-apiv4)**: Incorrect storage encoding for APIv4
-- **[CIVIEXT-SA-2019-02](https://civicrm.org/advisory/civiext-sa-2019-02-xss-in-civicase-v5-extension)**: XSS in CiviCase v5 Extension.
+- **[CIVI-SA-2019-19](https://civicrm.org/advisory/civi-sa-2019-19-sqli-in-dedupefind): SQL injection in "dedupefind"**
+- **[CIVI-SA-2019-20](https://civicrm.org/advisory/civi-sa-2019-20-privilege-escalation-via-leaked-key): Privilege escalation via leaked key**
+- **[CIVI-SA-2019-21](https://civicrm.org/advisory/civi-sa-2019-21-poi-saved-search-and-report-instance-apis): PHP object injection via "Saved Search" and "Report Instance" APIs**
+- **[CIVI-SA-2019-22](https://civicrm.org/advisory/civi-sa-2019-22-xss-in-dashboard-titles): Cross-site scripting in dashboard titles**
+- **[CIVI-SA-2019-23](https://civicrm.org/advisory/civi-sa-2019-23-incorrect-storage-encoding-for-apiv4): Incorrect storage encoding for APIv4**
+- **[CIVIEXT-SA-2019-02](https://civicrm.org/advisory/civiext-sa-2019-02-xss-in-civicase-v5-extension): Cross-site scripting in CiviCase v5 extension**
+
+## <a name="bugs"></a>Bugs resolved
+
+- **_Member Summary Report_ - Fix filtering by "Member Since" ([dev/core#1406](https://lab.civicrm.org/dev/core/issues/1406): [15894](https://github.com/civicrm/civicrm-core/pull/15894))**
+- **_Contribution Search_ - Fix issue with displaying cancellation date ([dev/core#1391](https://lab.civicrm.org/dev/core/issues/1391): [15893](https://github.com/civicrm/civicrm-core/pull/15893))**
+- **_Contribution Search_ - Fix issue where search criteria were applied inconsistently ([dev/core#1374](https://lab.civicrm.org/dev/core/issues/1374): [15896](https://github.com/civicrm/civicrm-core/pull/15896))**
+- **_Additional Payment Form, Payment API_ - Calculate "Net Amount" automatically. Remove error-prone field from UI. ([dev/core#1409](https://lab.civicrm.org/dev/core/issues/1409): [15889](https://github.com/civicrm/civicrm-core/pull/15889))**
 
 ## <a name="credits"></a>Credits
 
 This release was developed by the following people, who participated in
 various stages of reporting, analysis, development, review, and testing:
 
-Alan Dixon of Blackfly Solutions; Coleman Watts of CiviCRM; Daniel Compton of
-Armadillo Sec Ltd; Eileen McNaughton of Wikimedia Foundation; Kevin Cristiano of
-Tadpole Collective; Patrick Figel of Greenpeace CEE; Seamus Lee of Australian
-Greens; Tim Otten of CiviCRM
+Alan Dixon of Blackfly Solutions; Coleman Watts of CiviCRM; Daniel Compton
+of Armadillo Sec Ltd; Dave D; Eileen McNaughton of Wikimedia Foundation;
+Karin Gerritsen of Semper IT; Kevin Cristiano of Tadpole Collective; Mark
+Burdett of Electronic Frontier Foundation; Morgan Robinson of Palante
+Technology Cooperative; Patrick Figel of Greenpeace CEE; Seamus Lee of
+Australian Greens; Tim Otten of CiviCRM
\ No newline at end of file